SSH tunnel over SQUID

- N
- nicola.calipari
  
  Contact options for registered users
posted
15 years ago

Thu, Oct 16, 2008 12:30 AM

Hello.

I have to reach a cluster of linux machines protected by a firewall. The usual way to reach them is to SSH from inside the network, but i need to do it from outside.

I have the credentials and everything, but the cluster belong to a university so the admin is lazy and i need to minimize the requests to him.

My idea was to use a squid proxy that is open to outsiders (there's a ezproxy too).

Here's the ezproxy:

formatting link

Here's .pac config for two different squid proxy:

formatting link

As i said I have full credentials to get inside the net, is just that i don't know how to do and that the admin don't have time to help me.

Loading thread data ...

- B
- Burkhard Ott
  
  Contact options for registered users
Vote on answer
posted
15 years ago

Thu, Oct 16, 2008 5:24 PM

Am Wed, 15 Oct 2008 17:30:58 -0700 schrieb nicola.calipari:

A http proxy cant speak ssh, you need to run the ssh client behind the proxy and you have to speak http/s through the proxy.

So, you think after the proxy you'll have access to the network behind? If so then you're right the admins are lazy, but I don't think so.

And behind the proxy is surely another firewall to prevent access to ssh.

It doesn't matter, first the admins have a reason to prevent access via ssh second after the proxy is surely an ip filter/firewall or whatever to prevent access to private segments and if not there could also be a layer3 router to do the work.

Your only chance I think is to access a ssh client behind the proxy on a webserver (cgi shell or whatever) but it only works if your webserver can reach the cluser and you can reach the webserver or something it speaks http/s.

cheers

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.